示例#1
 /**
  * Reset the password of a seeded user through the UserResetPassword command
  * and check the stored hash: it must reject the old password and accept the
  * one printed by the command.
  */
 public function testRun()
 {
     $this->resetDb();
     $app = $this->getApp();

     // Seed the account whose password is going to be reset.
     $users = $app['storage']->getRepository('Bolt\\Storage\\Entity\\Users');
     $seed = new Entity\Users([
         'username' => 'koala',
         'password' => 'GumL3@ve$',
         'email' => '*****@*****.**',
         'displayname' => 'Drop Bear',
         'roles' => ['root'],
     ]);
     $users->save($seed);

     $command = new UserResetPassword($app);
     $tester = new CommandTester($command);

     // The mocked question helper must be asked exactly once and answers true
     // (presumably the command's confirmation prompt).
     $questionHelper = $this->getMock('\\Symfony\\Component\\Console\\Helper\\QuestionHelper', ['ask']);
     $questionHelper->expects($this->once())->method('ask')->will($this->returnValue(true));
     $command->setHelperSet(new HelperSet(['question' => $questionHelper]));

     $tester->execute(['username' => 'koala'], ['interactive' => false]);
     $output = trim($tester->getDisplay());

     $this->assertRegExp('#New password for koala is #', $output);
     // "New password for koala is " is 26 characters, so a total of 38 leaves
     // 12 characters for whatever follows the prefix.
     $this->assertSame(38, strlen($output));

     // Test that the saved value matches the hash
     $users = $app['storage']->getRepository('Bolt\\Storage\\Entity\\Users');
     $account = $users->getUser('koala');
     $authData = $users->getUserAuthData($account->getId());
     $hasher = new PasswordLib();

     // The password the user had before the reset must no longer verify.
     $oldStillValid = $hasher->verifyPasswordHash('GumL3@ve$', $authData->getPassword());
     $this->assertFalse($oldStillValid);

     // The sixth space-separated word of the output is the new password.
     $words = explode(' ', $output);
     $newIsValid = $hasher->verifyPasswordHash($words[5], $authData->getPassword());
     $this->assertTrue($newIsValid);
 }
 /**
  * Round-trip check: a hash created with the Blowfish prefix must verify
  * against the password it was created from.
  */
 public function testVerifyPasswordHash()
 {
     $plain = '******';
     $hasher = new PasswordLib();

     $hash = $hasher->createPasswordHash($plain, Blowfish::getPrefix());

     $this->assertTrue($hasher->verifyPasswordHash($plain, $hash));
 }
示例#3
文件: Login.php 项目: emarref/bolt
 /**
  * Verify a username/password pair for a login attempt.
  *
  * Returns false when no user entity is found for the name, or when the
  * password does not verify against the stored hash (in which case
  * loginFailed() is called first). Otherwise returns the result of
  * loginFinish().
  *
  * NOTE(review): the unknown-user branch returns before any hash is computed
  * and without calling loginFailed(), so it is cheaper than the wrong-password
  * branch. If the caller exposes response time, that difference can reveal
  * which usernames exist; confirm whether the caller throttles or equalises
  * these paths.
  *
  * @param string $userName
  * @param string $password
  *
  * @return boolean
  */
 protected function loginCheckPassword($userName, $password)
 {
     $userEntity = $this->getUserEntity($userName);
     if (!$userEntity) {
         return false;
     }

     $hasher = new PasswordLib();
     $isValid = $hasher->verifyPasswordHash($password, $userEntity->getPassword());
     if ($isValid) {
         return $this->loginFinish($userEntity);
     }

     // Record the failed attempt against the known account before rejecting.
     $this->loginFailed($userEntity);

     return false;
 }
示例#4
 /**
  * Create a user through the UserAdd command and confirm that the value
  * stored for the password is a hash that verifies against the plaintext
  * that was supplied.
  */
 public function testRun()
 {
     $this->resetDb();
     $app = $this->getApp();

     $arguments = [
         'username' => 'test',
         'displayname' => 'Test',
         'email' => '*****@*****.**',
         'password' => 'testPass',
         'role' => 'admin',
     ];
     $tester = new CommandTester(new UserAdd($app));
     $tester->execute($arguments);

     $output = trim($tester->getDisplay());
     $this->assertEquals('Successfully created user: test', $output);

     // Test that the saved value matches the hash
     $users = $app['storage']->getRepository('Bolt\\Storage\\Entity\\Users');
     $storedHash = $users->getUser('test')->getPassword();
     $hasher = new PasswordLib();

     $this->assertTrue($hasher->verifyPasswordHash('testPass', $storedHash));
 }
示例#5
 /**
  * setRandomPassword() must store a hash that verifies against the password
  * it returns, log the reset, and leave the shadow password, token and
  * validity fields cleared.
  */
 public function testSetRandomPassword()
 {
     $app = $this->getApp();
     $this->addDefaultUser($app);
     $users = $app['storage']->getRepository('Bolt\\Storage\\Entity\\Users');

     // The reset has to be written to the system log at least once.
     $systemLog = $this->getMock('\\Monolog\\Logger', ['info'], ['testlogger']);
     $systemLog
         ->expects($this->atLeastOnce())
         ->method('info')
         ->with($this->equalTo("Password for user 'admin' was reset via Nut."));
     $app['logger.system'] = $systemLog;

     $service = new Password($app);
     $generated = $service->setRandomPassword('admin');

     $account = $users->getUser('admin');
     $hasher = new PasswordLib();
     $matches = $hasher->verifyPasswordHash($generated, $account->getPassword());
     $this->assertTrue($matches);

     // No shadow credentials may remain on the account after the reset.
     $this->assertEmpty($account->getShadowpassword());
     $this->assertEmpty($account->getShadowtoken());
     $this->assertNull($account->getShadowvalidity());
 }
示例#6
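 /**
  * Register the before-request listeners and the JSON error handler.
  *
  * Listener 1 picks the locale and decodes JSON request bodies.
  * Listener 2 authenticates every request with HTTP Basic credentials.
  * The error handler renders exceptions as application/problem+json.
  *
  * Authentication failures for an unknown username and for a wrong password
  * produce the same status and message, so the response body cannot be used
  * to find out which usernames exist. The "disabled" message is only returned
  * once the password has been verified.
  */
 private function configureListeners()
 {
     $this->before(function (Request $request) {
         // Content-Language is client-supplied; it is used below as the translation locale.
         $this['locale'] = $request->headers->get('Content-Language', $this['config']['locale']);

         // Default to '' so a request without a Content-Type header never hands null to strpos().
         $contentType = (string) $request->headers->get('Content-Type', '');
         if (0 === strpos($contentType, 'application/json')) {
             $data = json_decode($request->getContent(), true);
             // Invalid JSON or a non-array payload is treated as an empty parameter bag.
             $request->request->replace(is_array($data) ? $data : []);
         }
     });
     $this->before(function () {
         // Both halves of the Basic credentials are required; a missing password is
         // handled like missing credentials instead of reaching the hash check as null.
         if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
             throw new UnauthorizedHttpException('Teampass API', $this['translator']->trans('user.unauthorized', [], 'messages', $this['locale']));
         }

         // One message for every credential failure, without echoing the submitted username.
         $rejected = $this['translator']->trans('user.unauthorized', [], 'messages', $this['locale']);

         $user = $this['repository.user']->findByLogin($_SERVER['PHP_AUTH_USER']);
         if (null === $user) {
             // NOTE(review): this path returns without any hash computation, so its response
             // time can still differ from the wrong-password path; verifying against a fixed
             // dummy hash here would close that gap.
             throw new AccessDeniedHttpException($rejected);
         }

         $crypt = new PasswordLib();
         if (!$crypt->verifyPasswordHash($_SERVER['PHP_AUTH_PW'], $user['pw'])) {
             // NOTE(review): no failed-attempt counter or throttling is visible in this
             // listener; confirm it is enforced elsewhere.
             throw new AccessDeniedHttpException($rejected);
         }

         // Checked after the password so the account state is only disclosed to a caller
         // who already proved knowledge of the credentials.
         if (true == $user['disabled']) {
             throw new AccessDeniedHttpException($this['translator']->trans('user.disabled', ['username' => $_SERVER['PHP_AUTH_USER']], 'messages', $this['locale']));
         }

         $this['user'] = $user;
     });
     $this->error(function (\Exception $e, $code) {
         // 4xx messages are written for the caller. For 5xx the exception text may contain
         // internals (queries, paths), so only a generic message leaves the server.
         $message = $code >= 500 ? 'Internal Server Error' : $e->getMessage();

         return new JsonResponse(['code' => $code, 'message' => $message], $code, ['Content-Type' => 'application/problem+json']);
     });
 }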